package my.sorter.security;

import my.sorter.bean.StaffSecurityInfo;
import my.sorter.dao.baseClient.PermissionMapper;
import my.sorter.dao.baseClient.RoleMapper;
import my.sorter.dao.baseClient.StaffMapper;
import my.sorter.dao.model.Permission;
import my.sorter.dao.model.Role;
import my.sorter.dao.model.Staff;
import my.sorter.dao.model.StaffExample;
import my.sorter.dao.privateClient.PStaffMapper;
import my.sorter.service.SecurityService;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authz.AuthorizationException;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.springframework.beans.factory.annotation.Autowired;

import java.util.ArrayList;
import java.util.Collections;
import java.util.List;

/**
 * @author zyf10
 */
public class StaffRealm extends AuthorizingRealm {

    @Autowired
    private StaffMapper staffMapper;
    @Autowired
    private SecurityService securityService;

    /**
     * 账户认证
     *
     * @param authenticationToken
     * @return
     * @throws AuthenticationException
     */
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo
    (AuthenticationToken authenticationToken) throws AuthenticationException {
        Staff staff = null;
        StaffExample staffExample = new StaffExample();
        staffExample
                .createCriteria()
                .andJobNumberEqualTo(Integer.parseInt(
                        authenticationToken
                                .getPrincipal().toString()));
        List<Staff> staffs = staffMapper.selectByExample(staffExample);
        if (staffs == null || staffs.size() == 0) {
            return null;
        } else if (staffs.size() > 1) {
            throw new AuthenticationException("存在相同工号的两条员工记录！");
        } else {
            staff = staffs.get(0);
            return new SimpleAuthenticationInfo(staff.getJobNumber(),
                    staff.getPasswd(),
                    getName());
        }
    }

    /**
     * 账户授权
     *
     * @param principalCollection
     * @return
     */
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo
    (PrincipalCollection principalCollection) {
        Integer currentJobNumber =
                Integer.parseInt(principalCollection
                        .getPrimaryPrincipal().toString());
        StaffSecurityInfo staffSecurityInfo =
                securityService.getSecurityInfo(currentJobNumber);
        SimpleAuthorizationInfo authorizationInfo = new SimpleAuthorizationInfo();
        if (staffSecurityInfo != null) {
            authorizationInfo.addRoles(staffSecurityInfo.getRoles());
            authorizationInfo
                    .addStringPermissions(staffSecurityInfo.getPermissions());
        } else {
            throw new AuthorizationException("查询用户权限信息失败");
        }
        return authorizationInfo;
    }
}
